Real-Time & Embedded Systems (RTES) Forum

Objective of Meeting

The objective of Monday’s sessions in the Real-time & Embedded Systems (RTES) Forum was to increase awareness of the security and high dependability capabilities of a separation kernel in general, and for the Mils™ Architecture in particular, to demonstrate how the work on Mils will tie to compositional certification of high-integrity technologies and to look at ways of collaborating with other world-wide efforts to help achieve a common objective of Dependability through Assuredness™.

Summary

Joe Bergmann gave an overview presentation on the RTES Forum, providing a good view of the various working groups, their objectives, and their deliverables. He talked about the focus on Dependability through Assuredness™ – which is much more far-reaching than that which is traditionally perceived as real-time systems and includes all vertical markets with constituents seeking to deliver or consume products that are assured to be dependable, emphasizing that dependability must be demonstrated through assurance programs that require sufficient evidence.

Rance DeLong provided a very informative and thought provoking overview of the Mils™ architectural approach. Starting from the software engineering notion of architecture, the presentation proceeded to discuss the vital importance of architectural enforcement and how Mils™ achieves such enforcement. The presentation then discussed the evolution of “MILS” to “Mils™” and how the concepts of Mils™ are being expanded and refined to achieve the rigor needed for high-integrity systems.

Rance DeLong discussed how the Mils™ architecture lends itself to compositional certification. Using excerpts from a presentation by DeLong and Rushby, he briefly discussed the concepts behind composition within a Mils™ policy architecture, compositional assurance, and the compositional certification of Mils™ systems. The principles were illustrated with an example of compositional assurance using a simple system introduced in the previous presentation.

Mario Tokoro provided a great presentation on Open Systems Dependability: A New Approach to Attain Dependability of Huge and Complex Software Systems.

In the presentation he stressed the environment that must be considered when attaining dependability in complex software systems and some of the major influences such as: strong demands for the dependability of huge and complex software systems and networks that may cause security and integrity problems, increased demands for coping with environmental and requirement changes in operation, user interfaces, performance requirements, necessity of continuous operations, consciousness to performance/cost over lifecycle, and increased accountability to service/system providers.

The presentation proposed a way of addressing these challenges by offering a look at a new approach, referred to as the Dependable Embedded Operating System (DEOS), which includes a proposed architecture, process, and runtime environment.

Outputs

Outputs are reflected in Presentations and Next Steps – please refer to the sections above and below.

Next Steps

D-Case and Collaboration with the RTES Forum: Joe Bergmann to follow-up with Dr. Tokoro to see what regular activities can be cultivated to strengthen this valuable collaborative relationship and further joint initiatives.